SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1840-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1840-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt...

ruby4.0-rubygem-jquery-rails-4.6.0-1.9 on GA media (moderate)

ruby4.0-rubygem-jquery-rails-4.6.0-1.9 on GA media Announcement ID: openSUSE-SU-2026:10350-1 Rating: moderate Cross-References: CVE-2015-1840 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in th...

EUVD-2026-1840

Malicious code in secguest-lib npm...

RHEL 6 / 7 : devtoolset-4-jackson-databind (RHSA-2017:1840)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:1840 advisory. The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security...

CVE-2025-1840

A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been rated as critical. Affected by this issue is some unknown functionality of the file /CDGServer3/workflowE/useractivate/updateorg.jsp. The manipulation of the argument flowId leads to sql injection. The attack may be launched...

CVE-2025-1840 ESAFENET CDG updateorg.jsp sql injection

A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been rated as critical. Affected by this issue is some unknown functionality of the file /CDGServer3/workflowE/useractivate/updateorg.jsp. The manipulation of the argument flowId leads to sql injection. The attack may be launched...

RHEL 5 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

CVE-2024-1840 WPBakery Visual Composer <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Author

The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Author tag attribute in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or...

Amazon Linux AMI : axis (ALAS-2023-1840)

The version of axis installed on the remote host is prior to 1.2.1-7.5.15. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1840 advisory. UNSUPPPORTED WHEN ASSIGNED UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it may not have been...

Oracle Linux 8 : openssl (ELSA-2020-1840)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1840 advisory. - fix CVE-2019-1547 - side-channel weak encryption vulnerability - fix CVE-2019-1563 - padding oracle in CMS API - fix CVE-2019-1549 - ensure fork safe...

CVE-2023-1840

creationtimestamp| type| source ---|---|--- 2023-04-05 00:25:41+00:00| seen| https://t.me/cibsecurity/61426...

CVE-2023-1840 Sp*tify Play Button for WordPress <= 2.07 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Sptify Play Button for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.07 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2018-1840)

Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-1840)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for kernel-firmware (SUSE-SU-2022:1840-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:1840-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-1840

creationtimestamp| type| source ---|---|--- 2022-05-24 12:47:30+00:00| seen| https://t.me/cibsecurity/43230...

CVE-2022-1840

A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input alert1 leads to cross site scripting. The attack may be initiated remotely but demands authenticatio...

CVE-2022-1840 Home Clean Services Management System cross site scripting

A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input alert1 leads to cross site scripting. The attack may be initiated remotely but demands authenticatio...

CVE-2022-1840

CVE-2022-1840 affects Home Clean Services Management System 1.0. The vulnerability exists in register.php?link=register where user-supplied input can be manipulated to produce cross-site scripting (XSS). The available sources describe a payload like that leads to client-side script execution. Th...